======================
  Cistron LDAP Patch
======================

For the latest version of this patch, please go to:
http://works.agni.com/cistron-ldap.html

Directory Structure:
--------------------

The RDN must be "uid=". An example DN looks like:

    uid=mojahed,ou=dialin,dc=agni,dc=com

In this scheme, we don't have to write extra (and error-prone) code in the
user add scripts to check for duplicate uids.

Schema:
-------

You can find our LDAP schema on the website. If you only want to put the
"users" file in LDAP, you can use the aRadiusAccount object class directly.
To put more information, you can derive a new objectClass from
aRadiusAccount.

Configuration file:
-------------------

LDAP configuration is read from ldap.conf in the radius configuration
directory, which is normally /etc/raddb. The patch changes this directory
to /usr/local/etc. I feel this is a better place for it.

In the config file, all blank lines and lines starting with '#' are
ignored. The configuration parameters are:

server:
    Host name of the LDAP server.

port:
    Port number the LDAP server is listening on. Default is 389.

base:
    This is appended to the "uid=" RDN to get the full DN of the account.

filter:
    This filter is applied to the LDAP search. You must specify one. If you
    cannot come up with any that works, you may want to use
    "objectClass=*".

auth_dn:
    The DN Cistron should bind as. Make sure this DN has read permission to
    all the RADIUS attributes, especially userPassword.

auth_pw:
    Password for auth_dn.

An example config file is included in the patch.
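
The ``base`` parameter described above is appended to the "uid=" RDN to get the full DN of the account. As an added example (not code from the patch; ``build_account_dn`` is a hypothetical name and the sample user names are constructed), this C function performs that join while backslash-escaping the RFC 4514 special characters in the user name, so a name received in a RADIUS request cannot change the structure of the DN:

```c
#include <stdio.h>
#include <string.h>

/* Hypothetical helper (not from the patch): writes "uid=<escaped uid>,<base>"
 * to out. Returns 0 on success, -1 if uid is empty or out is too small. */
int build_account_dn(const char *uid, const char *base, char *out, size_t outlen)
{
    /* Characters RFC 4514 allows to be backslash-escaped anywhere in a value. */
    static const char special[] = "\"+,;<>\\=";
    size_t n = strlen(uid), blen = strlen(base), o = 4, i;

    if (n == 0 || outlen < 5)
        return -1;
    memcpy(out, "uid=", 4);
    for (i = 0; i < n; i++) {
        char c = uid[i];
        /* Leading space or '#', and trailing space, must be escaped too. */
        int esc = strchr(special, c) != NULL
               || (i == 0 && (c == ' ' || c == '#'))
               || (i == n - 1 && c == ' ');
        if (o + (esc ? 2u : 1u) >= outlen)   /* keep room for the NUL */
            return -1;
        if (esc)
            out[o++] = '\\';
        out[o++] = c;
    }
    if (o + 1 + blen >= outlen)
        return -1;
    out[o++] = ',';
    memcpy(out + o, base, blen + 1);         /* copies the terminating NUL */
    return 0;
}

int main(void)
{
    /* Constructed sample inputs; the base is the one from the example DN. */
    const char *base = "ou=dialin,dc=agni,dc=com";
    const char *names[] = { "mojahed", "x,ou=admins", " padded " };
    char dn[256];
    size_t i;

    for (i = 0; i < sizeof names / sizeof names[0]; i++)
        if (build_account_dn(names[i], base, dn, sizeof dn) == 0)
            printf("%-12s -> %s\n", names[i], dn);
    return 0;
}
```

A failed call (return value -1) should be treated as a rejected login rather than retried with a truncated DN.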